Hi there, After I read this mail I checked our logs and the same thing poped up there: access_log:195.92.95.61 - - [25/May/2001:19:35:34 +0200] "HEAD /cobalt-images/welcome2.gif HTTP/1.0" 404 0 access_log:195.92.95.61 - - [24/Jun/2001:03:50:57 +0200] "GET /cobalt-images/welcome2.gif HTTP/1.0" 404 291 error_log:[Fri May 25 19:35:34 2001] [error] [client 195.92.95.61] File does not exist: /to/vhost/cobalt-images/welcome2.gif error_log:[Sun Jun 24 03:50:57 2001] [error] [client 195.92.95.61] File does not exist: /to/vhost/cobalt-images/welcome2.gif I noticed the IP adress is (probably) the same and it reverses to: Name: ariston.netcraft.com Address: 195.92.95.61 Appearantly somebody just used netcraft to see more information about your server :) So no worries :) dowebwedo Jeroen Wesbeek .programming Nieuwekade 213 | 3511 RW Utrecht The Netherlands p 030 232 63 38 | f 030 234 26 16 [roses are red, violets are blue, I am schizophrenic and so am I ] -----Original Message----- From: Ryan W. Maple [mailto:ryanat_private] Sent: donderdag 26 juli 2001 19:04 To: incidentsat_private Subject: Cobalt Scan I just got this in one of my access_log's today: 195.92.95.XX - - [26/Jul/2001:10:25:57 -0400] "HEAD /cobalt-images/welcome2.gif HTTP/1.0" 404 0 It looks like a scan for a Cobalt box. I don't have one but I haven't seen this mentioned here before (probably part of some bigger kit I'd assume). Cheers, Ryan +-- --- --- --- --- --- --- --- --- --- --- --- --- --- --- --- --- --+ Ryan W. Maple "I dunno, I dream in Perl sometimes..." -LW Guardian Digital, Inc. ryanat_private +-- --- --- --- --- --- --- --- --- --- --- --- --- --- --- --- --- --+ ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Sun Jul 29 2001 - 09:19:02 PDT